package com.dongdongshop.controller;

import com.dongdongshop.constant.AdminLoginConstant;
import com.dongdongshop.pojo.TbAdminUser;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import java.util.concurrent.TimeUnit;


@Controller
public class AdminLoginController {

    @Autowired
    private RedisTemplate redisTemplate;

    @RequestMapping({"/","toLogin"})
    public String toLogin(){

        return "login";
    }

    @RequestMapping(value = "login",method = RequestMethod.POST)
    public String login(String username, String password, Model model){
        if (null == username || "".equals(username)
                || null == password || "".equals(password)){
            model.addAttribute("message","用户或者密码不能为空");
        }

        Subject subject = SecurityUtils.getSubject();

        UsernamePasswordToken token =new UsernamePasswordToken(username,password);

        String adminLoginErrorCount =  AdminLoginConstant.ADMIN_LOGIN_ERROR_COUNT + username;
        String adminLoginErrorLock = AdminLoginConstant.ADMIN_LOGIN_ERROR_LOCK + username;

        if (redisTemplate.hasKey(adminLoginErrorLock)){
            model.addAttribute("message","由于密码错误次数已达上限，请在"+redisTemplate.getExpire(adminLoginErrorLock, TimeUnit.MINUTES)+"分钟后再试");
            return "/login";
        }


        try {
            subject.login(token);
        }catch (UnknownAccountException e){
            model.addAttribute("message","用户未注册");
            return "/login";
        }catch (IncorrectCredentialsException e){
            if (!redisTemplate.hasKey(adminLoginErrorCount)){
                redisTemplate.opsForValue().set(adminLoginErrorCount,1);
                redisTemplate.expire(adminLoginErrorCount,2,TimeUnit.MINUTES);
                model.addAttribute("message","在120内还可以输入四次密码");
                return "/login";
            }else {
                Long count  = Long.parseLong( redisTemplate.opsForValue().get(adminLoginErrorCount).toString());
                if (count < 4){
                    Long increment = redisTemplate.opsForValue().increment(adminLoginErrorCount, 1);
                    Long expire = redisTemplate.getExpire(adminLoginErrorCount, TimeUnit.SECONDS);
                    model.addAttribute("message","在"+expire+"秒内，还可以输入"+(5 - increment)+"次密码");
                    return "/login";
                }else {
                    redisTemplate.opsForValue().set(adminLoginErrorLock,"lock");
                    redisTemplate.expire(adminLoginErrorLock,1,TimeUnit.HOURS);
                    model.addAttribute("message","该账号已被冻结，请站在一小时后再试");
                    return "/login";
                }
            }
        }
        redisTemplate.delete(adminLoginErrorCount);
//        model.addAttribute("message","登录成功");

        return "redirect:/index/toIndex";
    }
}
